Visa Inc. processed 10.3 billion transactions in its third fiscal 2009 quarter ended June 30, up 8.4% from 9.47 billion a year earlier. But most of the operating data Visa released Wednesday with its latest earnings report were for the quarter ended March 31, and they showed a 9.7% decline in U.S. credit payments volume and 3.9% decline in credit transactions from the year-earlier quarter. U.S. debit volumes, however, rose 4.7% and transactions increased 10.3%.

“We are very proud to announce our new board,” said Tom Donlea, MRC Executive Director. “The electronic payment professionals who serve on our board represent the brightest minds in our industry. This group will prove invaluable in driving towards and achieving the vision, mission and strategic goals of the MRC.”

“Tim, David, Ori and Jon have been instrumental figures in the evolution of the Merchant Risk Council,” said Tom Sullivan, MRC Board Chair. “Their commitment, energy and expertise have been vital in educating our membership on the advancements and progression of electronic payment fraud prevention.”

The MRC Board will next convene at the Merchant Risk Council’s Semi-Annual Platinum Meeting in San Jose, CA, September 30-October 1, 2009.

About the Merchant Risk Council

The Merchant Risk Council (MRC) is a merchant-led trade association focused on electronic commerce risk and payments globally. The MRC leads industry networking, education and advocacy programs to make electronic commerce more efficient, safe and profitable.

Today, with the power of its member-base, the MRC is the leading trade association for managing payments, preventing online fraud and promoting secure e-Commerce. The MRC is dedicated to working with e-Commerce and multi-channel merchants, payment processors, credit card issuers, credit card companies, alternative payment providers, risk management experts, and law enforcement to make the Internet a safer and more profitable place to do business.

Does the picture on the left look familiar? Cause I've used it a dozen times in a dozen posts. In fact, most recently, about two posts ago. The article below is justifies it's use once again. And this is only the tip of the iceberg. Smartphones use browsers. Browsers are not safe. Financial transactions need to be done outside the browser space. It's the typing. Researchers at Black Hat exposed a major vulnerability in the iPhone which would allow a hacker to send an SMS message and completely take over not only your iPhone but everybody in your contacts lists phones as well.

iPhone vulnerable to hacker attacks, experts say

Flaws can be exploited to take complete control over an iPhone (and other smart phones)

LAS VEGAS - Security experts have uncovered flaws in Apple Inc.'s iPhone that they said hackers can exploit to take control of the popular device, using the tactic for identity theft and other crimes.

IPhone users needed to be warned that their devices are not secure and Apple should try to repair the vulnerability as soon as possible, they said at the Black Hat conference in Las Vegas, one of the world's top forums for exchanging information on computer security threats.

"It's scary. I don't want people taking over my iPhone," Charlie Miller, a security analyst with consulting firm Independent Security Evaluators, said in an interview.

Miller and Collin Mulliner, a Ph.D. student at the Technical University of Berlin, also discovered a method for hacking the iPhone that lets hackers easily knock a victim's iPhone off a carrier's network.

It prevents users from making calls, accessing the Internet and exchanging text messages, they added.

The two showed how they can disconnect an iPhone from the cellular network by sending it a single, maliciously crafted text message — a message the victim never sees. The messages exploit bugs in the way iPhones handle certain messages and are used to crash parts of the software.

1. The major issue is a security flaw involving SMS. Specifically, thehack can control an iPhone remotely, including your iPhone’s camera, Safari, and more. It can even send messages to friends in your address book, which is where this hack becomes scariest.2. The hack works by sending you code in an SMS message (or a seriesof messages) that crashes your iPhone. After that, your iPhone istheirs to use.3. The offending text would come in the form of a single square character. If you get the square character, turn off your phone IMMEDIATELY.4. You only have to receive the message to get hacked; you don’t even have to do anything with the text message.5. The flaw was discovered by noted security expert Charlie Miller, who has hacked everything from MacBook Airs to Second Life, and partner Collin Mullinger. 6. The attack was presented publicly at the Black Hat conference.The duo decided to do this after Apple gave them no response back inJuly, when they provided Apple with information on the security flaw.The goal is to bring attention to the flaw (which they are clearlygetting).7. According to Reuters, now that the vulnerability is exposed, hackers could build software that mounts this SMS attack within the next two weeks.8. Apparently Google Android, Windows Mobile phones, and Palm Presare vulnerable to similar hacks. The team demonstrated the attack on anAndroid phone and a Windows Mobile phone.- Mashable.com

They even said it's possible to remotely control an iPhone by sending 500 messages to a single victim's phone. Those messages contain the necessary commands for the attack and would get executed automatically by exploiting a weakness in the way the iPhone's memory responds to that volume of traffic.

Miller said messaging attacks are so attractive, and are going to become more common, because the underlying technology is a core phone feature that can't be turned off.

"It's such a powerful attack vector," Miller said. "All I need to know is your phone number. As long as their phone's on, I can send this and their phone's going to do something with this. ... It's always on, it's always there, the user doesn't have to do anything — it's the perfect attack vector."

They said the information they presented at Black Hat will give criminals enough information to develop software to break into iPhones within about two weeks.

Detective Carl Berry of the Organized Crime Unit of the Jamaica Constabulary Force shows merchants and employees a fake credit card that was seized by the police, at a National Commercial Bank 'Merchant Fraud Seminar' in Kingston. To curtail its losses from credit card scams, NCB has partnered with the police on a series of seminars.

Corporate earnings lost to fraud hit $665 million for the first half of this year, prompting the police fraud squad to warn company managers and individuals to be more vigilant in the supervision of employees and pre-paying for goods and services.

But that outcome annu-alised is a more than a two-fold improvement, coming off a spectacular year for crooks in 2008 when monies lost to fraudulent activity passed the J$3 billion mark for the first time in Jamaica's history.

As news that the Symbian Foundation has admitted it needs better safeguards to prevent malicious apps finding their way onto mobiles,

Fortify Software predicts this problem is going to get worse for mobile phone manufacturers and their operating system developers.

"The problem with mobile phones is that their processing capacity is increasing at a near-exponential rate, with some of the latest smartphones the technological equivalent of the PCs seen in the early part of this decade," said Richard Kirk, director of the application vulnerability specialist.

"And whilst the power of the average smartphone has soared on the last few years, the behind-the-scenes technology and security assurance practices required to prevent any security loopholes in the operating system and/or applications is not as up to speed as it is on the desktop/laptop platforms," he added.

Because of this, hackers and malware developers are now turning their attentions to the microcomputer many of us have in our pockets - the smartphone.

Editor's Note: And the rush to bring a mobile payment platform that is "convenient" and "easy to use" will be a gold mine to hackers. A goldmine I say!

Authorities in New York have arrested four people accused of stealing $422,000 by exploiting a regulation requiring banks to reimburse the accounts of customers who claim their ATM cards have been used without their permission.

The four defendants - Lam Dang, Eric Manganelli, John Tluczek and Marzena Tluczek - are charged with making false claims totalling more than $700,000, to more than 20 banks, including HSBC, Wachovia and Chase.

In each case, the defendants opened accounts and padded them with large deposits over the course of several months before draining them again, with withdrawals of $500 to $1000 per day, say prosecutors.

Once the accounts were empty, the scammers would contact the bank and say their ATM cards had been stolen or lost and that the withdrawals were unauthorized. After the banks reimbursed the "stolen" money, the defendants would close the accounts, according to the indictment.

The four are accused of exploiting regulation E of the federal Electronic Fund Transfer Act, which requires banks to reimburse victims within 10 days of reporting the fraud.

A "tremendous" amount of financial data has been stolen by a Trojan that has infected hundreds of thousands of corporate and personal PCs, according to information security specialist SecureWorks.

Clampi, also known as Ligats, Ilomo or Rscan, has spread across Microsoft networks in a "worm-like fashion" and is "one of the largest and most professional thieving operations on the Internet" says Joe Stewart, director of malware research at SecureWorks' counter threat unit.

Once it has infected a PC, the Trojan monitors Web sessions to see if one of 4500 targeted sites are visited. If a victim uses one of these sites - which include those of banks, credit card companies, stock brokerages and insurance firms - it captures sensitive information such as usernames, passwords and PINs.

Disqus for ePayment News

Feedjit

Pages

ePaymentNews Given Thumbs Up by Gemalto

The art of a technology blog
by Tim Cawsey
It’s always pleasing to see creative, informed content get the recognition it deserves, particularly in the world of social media. I thought I’d take a look at some of the security, telecoms and emerging tech blogs that we’ve been following here at Gemalto.
In no particular order, here’s a look at five blogs I enjoy reading online when I’m looking for something reliable, entertaining and, above all, utterly informative from the blogosphere…
ePayment News – Curated by John B. Frank, the ePayment News blog is bold and beautiful, covering everything from tech updates to investment market reviews. Handy features include the ‘you might also like’ (I almost always do…) bars and Payment News RSS page of ever evolving information.